Was the “Hillary/Podesta Email Hack” Really a Leak by a DNC Staffer?

The PBS documentary series and eMagazine, Frontline, is the best documentary series on television.

Normally, there is little bias against the conservative point of view (that is, they do not necessarily favor the progressive position). However, in their latest two-part documentary, “Putin’s Revenge,” the television program sells out to the view that the scandal involving emails that likely made the difference in the Trump/Clinton Presidential election was due to a Russian hack directed by Vladimir Putin, who sought revenge against Hillary Clinton for her actions during her stint as Secretary of State, and against the CIA for its influence/interference in the so-called “Color Revolutions” that Russian officials continue to contend have been the U.S. agenda against Russia for over a decade. Frontline asserts that Russian cyber-espionage, directed by Putin himself, was “personal.” They paint a psychological portrait of Putin that, from their vantage point, verifies he had the motive (and opportunity and means) to seek Donald Trump’s election as the next President of the United States.

Former Homeland Security Secretary Jeh Johnson, whose responsibilities included cyber risks to state election systems, expressed similar worry (as expressed by former CIA Director John Brennan, that the scandal was due to Putin’s directive).

“We were very concerned that we would be perceived as taking sides,” said Johnson. “We were very concerned that we would be playing into Mr. Trump’s narrative that the election was going to be rigged.”

Brennan said it was not unusual for Russia to gather intelligence on the United States, but by releasing hacked data to embarrass its targets, it had “weaponized” that information. Something so disruptive, he said, required a “head nod” from Putin.

“The exploitation of the cyber environment gave us real concern that the Russians could be up to things that we hadn’t seen before, and we didn’t know what they were going to try to do,” he said.

FRONTLINE interviewed only those persons related to the “case” who held the view that the exposure of the emails was the work of Russian hackers rather than a leak by murdered DNC staffer Seth Rich on July 8, 2017. Interviewed are journalists who work for the New York Times, the Washington Post, and Atlantic Magazine – all of whom have consistently attacked Donald Trump before, during and after the election. Additional interviews in the documentary were with former CIA and DNI directors John Brennan and James Clapper, and former Homeland Security Secretary Jeh Johnson, who all allege that the Russians were the principal “heavies” behind a cyber-attack on the United States’ Presidential Election to bias the outcome in favor of Donald Trump.

In the Frontline article Miller recounts:

On Oct. 7, Director of National Intelligence James Clapper joined Johnson in issuing a statement that, without naming Putin, announced Russian interference in state voting systems. But within half an hour of the statement’s release, an “Access Hollywood” video featuring crude remarks from Trump about women became public, dominating news coverage and burying the announcement from Clapper and Johnson. Later that evening, WikiLeaks published its first batch of hacked emails from Clinton’s campaign chairman, John Podesta.

Though Clapper said he was disappointed that the press release did not receive more attention, he said it had been crucial to get the word out.

“If the election, for whatever reason and whatever manner, were to go south, and then afterwards it was learned that we knew about what the Russians were doing, or had some pretty good insight into what they were doing, and we didn’t say anything about it before the election, there would really be hell to pay,” said Clapper.

The administration had also considered a cyber response, according to Brennan, but officials didn’t want to risk a cyberwar so close to the vote.

There is no mention that Seth Rich was the most likely source of a “leak and not a hack” as (virtually) asserted by Wikileaks founder Julian Assange in an interview in Europe. Many believe that Rich acted when he discovered that the DNC was controlled by Hillary Clinton (which Donna Brazile states in her new book out next week) and the election was “rigged” by Clinton to cheat Senator Bernie Sanders out of the Democratic Party nomination. According to reports and Assange’s statements (who published the leaked emails two days before the election), no nation-state was responsible for his acquisition of the massive number of email documents. The supposition from various reporters is that Rich copied files to a thumb drive and passed these on to Wikileaks’ sources by hand.

Of course, this allegation, along with the so-called “Pee-pee Dossier” that seeks to smear Donald Trump with sexual perversion when in Moscow (and which we learned this past week was funded by Hillary Clinton to the tune of $12 M — and subsequently used by then FBI Director James Comey), served as the basis for the long-term and still on-going investigation into “Russian collusion” by Special Investigator Robert Mueller. No collusion has been proved thus far, although former Trump campaign manager Paul Manafort has been indicted (also this past week) for failing to register as a foreign agent for his actions years before on behalf of the then pro-Russia government of former Ukrainian President Viktor Yanukovych (2010-2014).

What is also suspect is this past week’s disclosure that Manafort was working with John and Tony Podesta who were, several years ago, lobbying Congress on behalf of Yanukovych. After this was disclosed this past week, according to the New York Times, Tony Podesta resigned from his firm.

Politico and New York Times Report Podesta Resigns, November 5, 2017

But Can a Nation-State Be Identified as the Source of an Email Hack?

One of the little-known issues, which I have researched in considerable detail, is, “Can we attribute cyber-attacks to a nation-state?” In other words, is the structure of the Internet such that experts, even those technically savvy in cyber-espionage, can verify that any particular nation-state is responsible for any given crime? This fall, I wrote an academic paper evaluating this issue as part of a post-graduate degree in Finance and Information Technology at Colorado State University.

I am providing a summary of the paper in this article, and a link below to a PDF of the full study.

My analysis concludes that only in those cases where a cyber-attack is carried out by rank amateurs in an easily identified Internet setting can we be certain that any particular nation-state is involved. The one example that appears clear-cut was the hack on Sony Pictures in 2014 by North Korea, which had only one direct connection to an Internet hub. However, Russia (like China and Iran) is one of the most sophisticated cyber-espionage states. Academic experts whom I quote in my paper assert that any fingerprints discovered are much more likely planted by the offending party, not accidentally left behind. Academics contend that cyber-espionage and the attribution of cyber-crime is a political matter and not a technical one. In other words, a nation that alleges another nation carried out a cyber-attack on it, in reality, has a political score to settle with the accused nation-state. Therefore, such allegations could never be proved to the satisfaction of an independent third party.

Furthermore, in my academic paper, I draw on journal articles written by James Clapper himself with a cadre of other intelligence experts, that document the near-impossibility of fingering a sophisticated cyber-criminal. This is the same James Clapper that asserts confidently (regarding Russian hacking) that “Russia did it!” in the case of the DNC email breach. It appears that the intellectual James Clapper and the political James Clapper are not of the same mind.

Consequently, I encourage the reader to watch the documentary – but consider that the story of the real crimes is not told. The true account is one of murder, breaking campaign laws, and deception by government officials and journalists who are in the tank for the opponents to Donald Trump. Vladimir Putin and his Russian government do hack the U.S. and its corporations. The Wikileaks’ release of the Podesta/Clinton emails did influence the Presidential election. However, it is far more likely that the emails were made available by an insider (Seth Rich) and not Vladimir Putin. Frontline has done us a disservice by not providing a fair view of how difficult (indeed almost impossible) it is to attribute to Putin this exposure of the nefarious activity of Podesta and Clinton.

Given what we have learned this past week — the rigging of the Democrat Party’s nomination by Clinton as alleged by Brazile, her purchase of the discredited “Russian dossier on Trump” for $12 M, and the connection of the Podesta brothers to Manafort and the pro-Russian government of Ukraine, collusion with Russia seems irrefutable. But it wasn’t Trump who was colluding with Putin. It was John and Tony Podesta as well as Hillary Clinton and her campaign. According to Tucker Carlson of FOX News, Mueller’s investigation is now shifting away from Trump and looking at the Podestas, Manafort, and we can only hope, at Hillary Clinton as well.

The INTRODUCTION of my paper and its THESIS are included here in text, followed by the full paper in PDF form for downloading and review.

Introduction

With the increased flexibility of cloud computing and, generally speaking, its lower costs, comes the undesirable probability that the data assets of organizations exploiting these resources will experience a systems security breach exposing their data to the outside world. We continue to read headlines of companies and countries whose data assets have been hacked with stunning consequences. The recent disclosure of the massive attack at Equifax demonstrates how serious data breaches have become. 44% of the U.S. population had data pertinent to its identity breached.

However, an even more serious type of breach using hacking as a weapon of war has come into focus. The intent of this paper is to answer a series of questions about the Sony data breach of 2014 as a well-known example, and conclude with a summation of those factors that identify whether a nation-state has foisted a data security breach (“in the cloud”) against an adversary. The questions this paper seeks to answer in the first portion of this paper are:

What went wrong (in the major “cloud breach” at Sony Pictures)?

Why did it occur (what failures in security were determined afterward)?

Who was responsible (what evidence was produced that identified the culprit)?

Could this event have been prevented (what measures or steps could have been taken)?

What advice should Sony Pictures take to prevent a similar breach in the future?

The second portion of the paper will examine the challenges in attributing a cyber-attack (or cyber-espionage) based on the “fingerprints” left by its actors. It will be argued that scholarship has compellingly challenged the authenticity of any claim that the source of an attack can be known with certainty except in those cases where the attackers are unsophisticated, its source easily ascertained or publicly admitted. The conclusion: Attribution comprises a political statement made by its victims, not a technical one that can be proven with irrefutable evidence.

Thesis

With the supposed Russian hacking of the Democratic National Committee (DNC) in 2016, the specter of “state-sponsored” hacking (nation-states breaking into strategic information to attack their enemies), has moved front and center. The most famous example of a state-sponsored data breach occurred at Sony Pictures, carried out by North Korea, to financially harm Sony for distributing a movie “The Interview,” a comedy starring Seth Rogen and James Franco, which mocked North Korean leader, Kim Jong Un (the movie was slated for release on December 25, 2014). While there was some debate as to who carried out this attack, this event has now been widely accepted as an authentic example of a state-sponsored terrorist attack.

So, in addition to answering some fundamental questions about what happened at Sony that increased the probability of attack, this paper will also consider the matter of attribution in cyber-attacks and cyber-terrorism.[1] That is, “How do we identify that a ‘hack attack’ was the result of a particular nation state’s nefarious activity? What are the attributes that, like fingerprints, tell us the hacking was political and not merely for notoriety or for profit?” The paper will attempt to demonstrate why assigning responsibility to a particular nation state in carrying out an act of cyber-warfare constitutes a high-stakes game based on suspect accusations which limit clear outcomes. Thus, the allegations of those in the Democratic Party in the U.S., that Russia conducted a cyber-attack on the DNC, much less the never-made-public evidence that Russia colluded with Donald Trump (somehow related to this attack), remains highly suspect due to the inexactness of attribution. In summary, attributing the Sony attack to North Korea is one thing. Attributing a possible DNC email attack to Russian cyber-espionage is quite another.

Notes

[1] Note: when using such less common words as cyber-attacks, cyber-terrorism, and cyber-crime, for clarity and consistency’s sake, the paper will standardize on their hyphenated forms.